search

Azure-Samples / ansible-playbooks

Ansible Playbook Samples for Azure
MIT License
229 stars 349 forks source link

VMCreateSSH.yml is giving subscription not valid error #17

Closed tanvirahmed2707 closed 6 years ago

tanvirahmed2707 commented 6 years ago

This issue is for a: (mark with an x)

Minimal steps to reproduce

I have the credentials saved in the ~/.azure/credentials . Using "cloud_environment=AzureUSGovernment" ansible-playbook VMCreateSSH.yml

Any log messages given by the failure

± |master ✗| → ansible-playbook VMCreateSSH.yml [WARNING]: Unable to parse /etc/ansible/hosts as an inventory source [WARNING]: No inventory was parsed, only implicit localhost is available [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [Create Azure VM] *****

TASK [Gathering Facts] ***** ok: [localhost]

TASK [Create a resource group] ***** ok: [localhost]

TASK [Create virtual network] ** ok: [localhost]

TASK [Add subnet] ** ok: [localhost]

TASK [Create public IP address] **** ok: [localhost]

TASK [Create Network Security Group that allows SSH] *** fatal: [localhost]: FAILED! => {"changed": false, "msg": "Error creating/updating security group testvm - Azure Error: SubscriptionNotFound\nMessage: The subscription 'xxxx-xxxx-xxxxx-xxxx-xxxx' could not be found."} to retry, use: --limit @/Users/tanvirahmed/Ansible/ansible-playbooks/VMCreateSSH.retry

PLAY RECAP ***** localhost : ok=5 changed=0 unreachable=0 failed=1

Expected/desired behavior

Playbook to run without any subscription error since it ran just fine for the previous three tasks.

OS and Version?

macOS High Sierra

Versions

Ansible 2.5.1 Python 2.7.10

Mention any other details that might be useful

yaweiw commented 6 years ago

@yungezz

yungezz commented 6 years ago

@tanvirahmed2707 thanks for reporting the issue. We'll take a look at the issue. Since you're using AzureUSGovernment azure cloud environment except for public one, it's high suspiciously to related to this.

tanvirahmed2707 commented 6 years ago

@yungezz ... Thanks a lot for looking into it! I also thought that it's an issue with "AzureUSGovernement", but then first three tasks worked very good in the same environment. It's only failing at the Security Group creation task.

yungezz commented 6 years ago

let me check is there any bug in security group to work in non-public azure cloud.

tanvirahmed2707 commented 6 years ago

@yungezz were you able to find the issue with it?

yungezz commented 6 years ago

@tanvirahmed2707 sorry for late response. This is a bug in azure_rm_securitygroup module. I'm working on fixing it in ansible repo. Before the fixing is released in official release, you could use same fix in azure_preview_modules role to unblock now.

ansible-galaxy  install git+https://github.com/Azure/azure_preview_modules.git,fix-securitygroup

then in your playbook, reference this role

roles:
  - Azure.azure_preview_modules

let me know if you met any other issue.

tanvirahmed2707 commented 6 years ago

@yungezz thanks a lot for the fix! I'll try it out and let you know.

yungezz commented 6 years ago

hi @tanvirahmed2707 , the issue was fixed in upstream 2.7 release https://github.com/ansible/ansible/pull/41123 and 2.5.x release https://github.com/ansible/ansible/pull/41073. Please let us know if any furthur issue met.

yungezz commented 6 years ago

close the issue since fix is released in official ansible.

bhardwahnitish19 commented 5 years ago

Hi, I am using ansible 2.7.4 with 'AzureUSGovernment' cloud, with Service Principal as authentication method. But, I am still facing the same issue. Could you please help.

Ansible version: 2.7.4 Python: 2.7.12

yungezz commented 5 years ago

@bhardwahnitish19 could you pls share the error message? thanks

bhardwahnitish19 commented 5 years ago

@yungezz Thanks for a quick response. It's the same error which is mentioned in the Issue description.

` PLAY [Get start timestamp] **

TASK [Gathering Facts] **********************************************************************************************************************************************************************
ok: [cloud]

TASK [set_fact] *****************************************************************************************************************************************************************************
ok: [cloud]

PLAY [Prepare to run the workload] **********************************************************************************************************************************************************

TASK [Gathering Facts] **********************************************************************************************************************************************************************
ok: [cloud]

TASK [include_tasks] ************************************************************************************************************************************************************************
included: /home/cello/cello/src/operator-dashboard/agent/ansible/roles/cloud_azure/prepare/tasks/apply.yml for cloud

TASK [Setup env specific variables] *********************************************************************************************************************************************************
ok: [cloud]

TASK [Retrieve azure specific image details] ************************************************************************************************************************************************
ok: [cloud]

TASK [Print azure image results] ************************************************************************************************************************************************************
ok: [cloud] => {
    "found_images": {
    "ansible_facts": {
        "azure_vmimages": []
    },
    "changed": false,
    "failed": false
    }
}

TASK [Create azure resource group] **********************************************************************************************************************************************************
fatal: [cloud]: FAILED! => {"changed": false, "msg": "Error creating or updating resource group myresourceGroup - Azure Error: SubscriptionNotFound\nMessage: The subscription '********' could not be found."}
    to retry, use: --limit @/home/cello/cello/src/operator-dashboard/agent/ansible/provcluster.retry

PLAY RECAP **********************************************************************************************************************************************************************************
cloud                      : ok=7    changed=0    unreachable=0    failed=1`
yungezz commented 5 years ago

thanks. I'll double check. just to double confirm, you have the azure_cloud setting to AzureUSGovernment in configuration already?

bhardwahnitish19 commented 5 years ago

@yungezz Yes, I have an AzureUSGovernment cloud. I am using Service Principal for authentication. I am trying to create some VMs with ansible with an existing resource group. Please let me know if you need some more inputs.

Thanks for looking into this.

yungezz commented 5 years ago

just checked the code, the fix was in 2.7.4 release. @bhardwahnitish19 do you have environment variable AZURE_CLOUD_ENVIRONMENT set to AzureUSGovernment or cloud_environment set to AzureUSGovernment in credential file?

bhardwahnitish19 commented 5 years ago

I think I am missing it. Could you please tell me the name of the config file which needs this parameter. Do you have any reference document for it?

yungezz commented 5 years ago

https://docs.ansible.com/ansible/latest/scenario_guides/guide_azure.html

you can use either environment variable or configuration file. file name ~/.azure/credentials

bhardwahnitish19 commented 5 years ago

Thanks for sharing this. It worked perfectly after setting up cloud_environment really appreciate your help and quick response.